|
OPEN SECURITY EXCHANGE TO EXTEND INTEGRATION
OF PHYSICAL AND CYBER SECURITY MANAGEMENT THROUGH NEW INDUSTRY ALLIANCES,
STANDARDS AND BEST PRACTICES
At RSA Conference, OSE Will Unveil Best
Practices for Smart Card Standards for Physical and Cyber Security;
New Relationship with Liberty Alliance Will Extend Federated Identity
Standards into Physical Security
RSA CONFERENCE, SAN FRANCISCO — February 24, 2004
— At this week’s RSA Conference in San Francisco,
the Open Security Exchange (OSE), a program of the IEEE Industry
Standards and Technology Organization (ISTO), will announce the
formation of a liaison with the Liberty Alliance that will help
extend federated identity standards for wireless devices to include
physical security. Additionally, the OSE will introduce a new white
paper that outlines best practices for unifying the management of
physical and cybersecurity with smart cards.
The OSE is a global organization composed of key leaders in the
fields of physical and cyber security, including Computer Associates,
Gemplus, HID Corporation and Tyco Software House.
Partnership with Liberty Alliance to Extend Federated Identity
The OSE is announcing a liaison with the Liberty Alliance, the premier
open standards organization for federated identity and identity-based
services. Federated identity allows users to link identity information
between accounts without centrally storing personal information
— meaning that users can be authenticated by one company or
Web site and be recognized and delivered personalized content and
services in other locations without having to re-authenticate or
sign on with a separate username and password.
The OSE’s mission of integrating security management maps
closely to the Liberty Alliance’s goals of enabling federated
identities across all systems. The OSE/Liberty relationship will
allow the two organizations to collaborate on creating standards
and best practices to develop enhanced authentication methods for
wireless, subscriber identity module (SIM)-based access to Liberty-enabled
Web services.
Ultimately, this would allow unified SIM authentication for physical
access control systems as well as network access, and increase a
company’s ability to offer convenient single sign-on for mobile
commerce payment systems.
“The OSE is firmly committed to supporting and contributing
to the Liberty standards and Mobile Business guidelines,”
said Eric Maurice, executive director of the Open Security Exchange.
“These guidelines complement the OSE’s efforts to promote
security management by helping organizations address the challenges
related to federated identity management across physical and cyber
security infrastructures.”
“Our alliance with the OSE will help Liberty Alliance to
extend federated identity standards into the realm of physical security,”
said Michael Barrett, president of the Liberty Alliance and vice
president for privacy and security for American Express. “Liberty
Alliance’s mission has always been to promote interoperability
and federated identity across industries and across platforms. Together
with OSE we can build federated identity into the wireless and physical
security worlds.
New OSE White Paper Builds on Initial Charter
Building on the consortium’s first initiative for increasing
the convergence between the realms of physical and cyber security,
as well as the initial specifications announced last year, the OSE
today unveils a white paper, “Smart Card Enabled Access Control
Used in Logical and Physical Systems.” The paper can be downloaded
from the OSE’s Web site, www.opensecurityexchange.org.
The paper is a primer for companies planning to select smart cards
for both logical and physical access, providing technical guidance
and objective selection criteria that enable users to make educated
choices among the standards available and the various products offered
by vendors. This white paper will help end users understand how
smart cards can be used as credentials to control access to physical
locations and IT systems, for authentication to network tools and
specific business applications on a user-by-user basis.
Additionally, the paper outlines best practices related to the issuance
of credentials and the provisioning of users and privileges across
physical and IT systems.
“Security managers are faced with a daunting challenge in
selecting smart card technologies, with multiple, often conflicting
standards both for physical and cyber access control. It’s
very cumbersome to compare technologies from key vendors,”
said Dave Hawkins, vice chair of the Open Security Exchange’s
Technical Working Group. “With this white paper, we will educate
business planners about the various choices of technologies, the
various standards and the existing options most likely to lead to
fully interoperable solutions.”
In addition to its four founders, Computer Associates, Gemplus,
HID Corporation, and Tyco Software House, the OSE’s current
members include ActivCard, CoreStreet, Fargo, Siemens Building Technologies,
Siemens Building Information and Communications Network Inc., and
VistaScape.
Members of the media are encouraged to schedule individual briefings
with OSE spokespeople or learn more during a reception on Wednesday,
February 25th at Room 121 North at the Moscone Center, from 5-6
p.m. The OSE will also be presenting a solutions showcase on Wednesday
at 2:30 p.m. on the RSA show floor.
About OSE
Dedicated to promoting the adoption of interoperability specifications
in the area of security management, the Open Security Exchange was
founded by Computer Associates International, Inc. (http://www.ca.com),
Gemplus (http://www.gemplus.com),
HID Corporation (http://www.hidcorp.com)
and Tyco Software House (http://www.swhouse.com).
The first technical specifications issued by the Open Security Exchange
address interoperability between physical and cyber security technologies.
Membership in the Open Security Exchange is open to all qualified
organizations. For more information, please visit http://www.opensecurityexchange.org.
Contact
Greg Kohn
OSE Program Manager
+1 732 465 6486
greg.kohn@ieee-isto.org
|
